Linux kernel built with a Adaptec RAID controllers support(CONFIG_SCSI_AACRAID) is vulnerable to a invalid pointer dereference flaw. It could occur while doing an ioctl(2) call with a FSACTL_SEND_RAW_SRB command. A privileged(CAP_SYS_ADMIN) user/program could use this flaw to make kernel dereference invalid pointer which results in kernel crash (DoS) or could, potentially, result in privilege escalation. Upstream fix: ------------- -> https://git.kernel.org/linus/b4789b8e6be3151a955ade74872822f30e8cd914 Reference: ---------- -> http://seclists.org/oss-sec/2013/q4/330
nt
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1034304]
Statement: The Red Hat Security Response Team does not consider this issue to be a security flaw due to the full root-like privileges (CAP_SYS_ADMIN) needed for successful exploitation.
kernel-3.11.10-300.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.11.10-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.11.10-100.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.